On March 27, 2025, the Federal Trade Commission (FTC) filed a lawsuit and proposed settlement order resolving claims against Cleo AI, a fintech that operates a personal finance mobile banking application through which it offers consumers instant or same-day cash advances. The FTC alleges that Cleo deceived consumers about how much money they could get and how fast that money could be available, and that Cleo made it difficult for consumers to cancel its subscription service.

Pointing to those allegations, the FTC alleges Cleo (1) violated Section 5 of the Federal Trade Commission Act (FTC Act) by misrepresenting that consumers would receive—or would be likely to receive—a specific cash advance amount “today” or “instantly” and (2) violated the Restore Online Shoppers’ Confidence Act (ROSCA) by failing to conspicuously disclose all material transaction terms before obtaining consumers’ billing information and by failing to provide simple mechanisms to stop recurring charges.

“Cleo misled consumers with promises of fast money, but consumers found they received much less than the advertised hundreds of dollars promised, had to pay more for same day delivery, and then had difficulty canceling,” said Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection.

The FTC cites to consumer complaints in support of its action against Cleo, including one stating: “There’s no other way for me to say it. I need my money right now to pay my rent. I have no other option I can’t wait 3 days. I can’t wait 1 day I need it now. I would never have used Cleo if I would have thought I would ever be in this situation.”

The FTC’s Allegations

In its complaint, filed in the U.S. District Court for the Southern District of New York, the FTC alleges that Cleo violated Section 5 of the FTC Act by:

  • “Up To” Claims. Advertising that its customers would receive “up to $250 in cash advances,” and then, only afterthe consumer subscribes to a plan and Cleo sets the payment date for the subscription, is the consumer informed of the cash advance amount they can actually receive. For “almost all consumers, that amount is much lower than the amount promised in Cleo’s ads.”
  • Undisclosed Fees. Advertising that its customers would obtain cash advances “today” or “instantly,” when Cleo actually charges an “express fee”—sometimes disclosed in a footnote—of $3.99 to get the cash same-day, and, even then, the cash may not arrive until the next day.

In addition, the FTC’s complaint alleges that Cleo violated Section 4 of ROSCA by:

  • Inadequate Disclosures. Failing to clearly and conspicuously disclose all material terms before obtaining customers’ billing information.
  • Inadequate Cancellation Mechanisms. Failing to permit consumers with an outstanding cash advance to cancel their subscriptions through the app.

Proposed Consent Agreement

The FTC’s proposed consent order would be in effect for 10 years and require that Cleo pay $17 million to provide refunds to consumers harmed by the company’s practices. The consent order would restrict Cleo from misleading consumers about material terms of its advances and require that it obtain consumers’ express, informed consent before imposing charges. More specifically, the consent order:

  • Prohibits Cleo from misrepresenting the amount of funds available to a consumer, when funds will be available, any applicable fees (including the nature, purpose, amount, or use of a fee), consumers’ ability to cancel charges, or the terms of any negative option feature.
  • Requires Cleo to clearly and conspicuously disclose, prior to obtaining the consumer’s billing information, all material terms, including any charges after a trial period ends, when a consumer must act to prevent charges, the amount the consumer will be charged unless steps are taken to prevent the charge, and information for consumers to find the simple cancellation mechanism.
  • Requires Cleo provide a simple mechanism for a consumer to cancel the negative option feature, avoid being charged, and immediately stop recurring charges. Such cancellation method must be through the same medium the consumer used to consent to the negative option feature.

The Commission voted 2-0 to issue the Cleo complaint and accept the proposed consent agreement.

Takeaways

The FTC has increased enforcement activities for negative options, such as last year’s enforcement action against Dave, Inc., another cash advance fintech company, which we wrote about previously. This attention on negative options, and consumers’ ability to easily cancel negative options, may provide insight into the FTC’s regulatory agenda, given that the remainder of its Click-to-Cancel Rule takes effect on May 14, 2025.

The FTC recently filed a brief in defense of its Click-to-Cancel Rule, vigorously defending the FTC’s rulemaking against trade association challenges consolidated in the Eighth Circuit. The FTC’s brief puts an end to speculation that the Commission may rethink or roll back the rule given the recent administration change and shifts in FTC leadership.

Businesses should be preparing to adopt changes to implement the Click-to-Cancel Rule, to the extent not already in process. The FTC’s complaint against Cleo should also serve as a reminder that businesses that employ “up to” claims, complex fee structures, or negative option offers should be careful to monitor their conduct in light of developments within the FTC and the other federal and state agencies that police advertising and marketing practices.

Tags: fintech, GT Insight
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Timothy A. Butler Timothy A. Butler

Tim Butler helps companies thrive by developing tailored strategies to address their regulatory compliance challenges and vigorously defending them in government enforcement actions and bet-the-company lawsuits.

A former prosecuting attorney for the Federal Trade Commission (FTC) and former senior official in the Georgia

Tim Butler helps companies thrive by developing tailored strategies to address their regulatory compliance challenges and vigorously defending them in government enforcement actions and bet-the-company lawsuits.

A former prosecuting attorney for the Federal Trade Commission (FTC) and former senior official in the Georgia Attorney General’s Office, Tim has led the defense of dozens of government investigations and enforcement actions brought by the FTC, the Consumer Financial Protection Bureau (CFPB), and the various state attorneys general. Tim also regularly defends clients in bet-the-company lawsuits, including complex business disputes and consumer class actions alleging privacy, false advertising, and unfair or deceptive business practice claims.

Tim is an experienced guide for companies struggling with regulatory complexity. He offers clear advice that helps his clients meet the demands of the ever-growing set of laws and regulations governing data privacy and cybersecurity, advertising and marketing practices, and consumer financial products and services. Clients rely on Tim’s business-minded and practical strategies to address their most difficult regulatory compliance challenges.

A graduate of the University of Chicago and Stanford Law School, Tim is a prolific author and regularly speaks to industry and trade groups about the evolving privacy landscape, about cutting-edge issues affecting payments and fintech companies, and about developments at the FTC, the CFPB, and within the state attorneys general community.

Read more about Timothy A. ButlerTimothy's Linkedin Profile
Show more Show less
Photo of Matthew White Matthew White

Matt White guides clients through regulatory compliance challenges and represents clients in regulatory and civil investigations and litigation.

Matt has counseled fintech and payment companies on regulatory compliance matters, including those involving the Electronic Fund Transfer Act, the Fair Credit Reporting Act, the…

Matt White guides clients through regulatory compliance challenges and represents clients in regulatory and civil investigations and litigation.

Matt has counseled fintech and payment companies on regulatory compliance matters, including those involving the Electronic Fund Transfer Act, the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the Truth in Lending Act, and their respective implementing regulations (Regulations E, V, P, and Z). Adept with the Consumer Financial Protection Bureau’s (CFPB) Prepaid Rule, Matt has provided guidance regarding prepaid cards and related compliance.

Matt has also aided clients in developing regulatory compliant products and functionalities, including an earned wage access program, reimbursement prepaid card programs, new merchant cash advance products, and tokenized payment capabilities. In connection with products on which Matt advises, he has also negotiated high-stakes technology sales agreements involving complex regulatory issues, including compliance with data privacy laws, financial regulations, and card network rules.

Beyond helping clients strategize for regulatory complexity, Matt also helps clients navigate government investigations and enforcement actions brought by the Federal Trade Commission (FTC), CFPB, and state attorneys general.

Read more about Matthew WhiteMatthew's Linkedin Profile
Show more Show less
Photo of Tessa Cierny Tessa Cierny

Tessa Cierny advises companies on financial technology and data privacy issues. She has experience counseling companies on state and federal regulatory compliance, including existing and emerging privacy laws, such as the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act

Tessa Cierny advises companies on financial technology and data privacy issues. She has experience counseling companies on state and federal regulatory compliance, including existing and emerging privacy laws, such as the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as financial and banking regulations, such as the CFPB’s Section 1071 Small Business Lending Rule (Regulation B). In addition, she assists clients in defending business disputes and data breach litigation.

Prior to joining Greenberg Traurig, she served as global records manager for WestRock, where she developed and implemented email and data retention policies for global data privacy regulation compliance. In this role, she also advised on data privacy concerns related to data retention, data loss prevention, and data governance.

Read more about Tessa CiernyTessa L.'s Linkedin Profile
Show more Show less
Related Posts
shutterstock_735743386
CFPB Memo Details Less Oversight on Fintechs, Shift to State-Led Enforcement
April 21, 2025
shutterstock_296369054
‘Buy Now, Pay Later’ Rule Adds to Retailer Compliance Obligations
August 27, 2024
shutterstock_1421446100 (1)
Federal Circuit: Machine Learning Patents Ineligible in Recentive Analytics, Inc. v. Fox Corp.
April 21, 2025